Deployment Scenarios with VLANs
Scenario 2: Multiple VLANs
Cisco ASA 5505 Getting Started Guide
2-4
The ASA 5505 automatically protects the critical assets on the Business VLAN
so that these devices cannot be infected by traffic from the Personal VLAN. To
enable devices in the Business VLAN to establish secure connections with
corporate head-end devices, enable the Easy VPN hardware client functionality
so that only traffic from the Business VLAN initiates Easy VPN connections. This
configuration enables users on the Personal VLAN to browse the Internet
independently of the Business VLAN, and the security of the Business VLAN is
not compromised.
In
Figure
2-2, an ASA 5505 is installed in a home office environment and is
configured for three VLANs: a Business VLAN that consists of all devices used
for a home-based business, a Personal VLAN that consists of devices that can be
used by all members of the family, and an Internet VLAN that provides Internet
connectivity for both the Personal and Work VLANs.
Figure 2-2
Multiple VLANs with External Connectivity
Business VLAN
Server
Laptop
computer
Printer
Personal
computer
Personal VLAN
Chapter 2
IP Phone
Power
cable
PO
WE
Cis
48
VD
R
co
AS
C
A SS
C-0
5
7
POW
ER
ove
r ETH
ERN
ET
6
Game
System
Planning for a VLAN Configuration
ASA 5505
Sta
tus
Sec
uri
Ser
ty
vic
Ca
es
rd
Slo
5
t
4
3
2
co ns
ole
1
0
1
2
RE
SE
T
Internet VLAN
Router
Internet
78-17612-01